Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[filebeat][panw] Improve panos fileset url parsing #22481

Merged
merged 3 commits into from
Nov 19, 2020
Merged

[filebeat][panw] Improve panos fileset url parsing #22481

merged 3 commits into from
Nov 19, 2020

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented Nov 9, 2020
edited
Loading

What does this PR do?

Parse panos url field to extract useful ecs fields.

Why is it important?

To improve ECS support in our modules.

Checklist

- [ ] My code follows the style guidelines of this project
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation

  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Nov 9, 2020
@marc-gr marc-gr force-pushed the panos-url branch 2 times, most recently from 6d8957f to 2814985 Compare November 9, 2020 09:57
@marc-gr marc-gr requested a review from a team November 9, 2020 09:58
@elasticmachine
Copy link
Collaborator

elasticmachine commented Nov 9, 2020
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: [Pull request #22481 updated]

  • Start Time: 2020-11-18T15:50:07.631+0000

  • Duration: 54 min 57 sec

Test stats 🧪

Test Results
Failed 0
Passed 1976
Skipped 259
Total 2235

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 1976
Skipped 259
Total 2235

@elasticmachine
Copy link
Collaborator

elasticmachine commented Nov 9, 2020
edited by jenkins-beats-ci bot
Loading

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 1957
Skipped 259
Total 2216

leehinman
leehinman requested changes Nov 9, 2020
View reviewed changes
Copy link
Contributor

@leehinman leehinman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice.

x-pack/filebeat/module/panw/panos/test/pan_inc_threat.log-expected.json Outdated Show resolved Hide resolved
@marc-gr marc-gr force-pushed the panos-url branch 2 times, most recently from d126d80 to 96f7597 Compare November 18, 2020 11:22
leehinman
leehinman approved these changes Nov 18, 2020
View reviewed changes
Copy link
Contributor

@leehinman leehinman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great. Sorry for not seeing the filename stuff in the first review.

@marc-gr marc-gr merged commit bb973c4 into elastic:master Nov 19, 2020
@marc-gr marc-gr deleted the panos-url branch November 19, 2020 08:38
@marc-gr marc-gr mentioned this pull request Nov 19, 2020
Merged
3 tasks
marc-gr added a commit to marc-gr/beats that referenced this pull request Nov 19, 2020
@marc-gr
[filebeat][panw] Improve panos fileset url parsing (elastic#22481)
5e6c3b9 
* Improve panos url parsing

* Do not parse url details when not needed

* Parse url based on threat subtype

(cherry picked from commit bb973c4)
marc-gr added a commit that referenced this pull request Nov 19, 2020
@marc-gr
[filebeat][panw] Improve panos fileset url parsing (#22481) (#22670)
725961c 
* Improve panos url parsing

* Do not parse url details when not needed

* Parse url based on threat subtype

(cherry picked from commit bb973c4)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ebeahan ebeahan ebeahan left review comments

@leehinman leehinman leehinman approved these changes

Assignees
No one assigned
Labels
enhancement Filebeat Filebeat v7.11.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@marc-gr @elasticmachine @ebeahan @leehinman